Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_XByPYua4lSiz1JjtTwJ5C2GEQA.roa
File: _XByPYua4lSiz1JjtTwJ5C2GEQA.roa (raw, json)
Hash identifier: YK/huEKlGssag+Fi6rA6+mnZIFU4TjsewF8SmasBjZA=
Subject key identifier: FD:70:72:3D:8B:9A:E2:54:A2:CF:52:63:B5:3C:09:E4:2D:86:11:00
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D7711D3078D4D16D95523B15519159
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_XByPYua4lSiz1JjtTwJ5C2GEQA.roa
Signing time: Wed 01 Jan 2025 21:48:29 +0000
ROA not before: Wed 01 Jan 2025 21:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207781
IP address blocks: 2a09:e1c1:efc0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:71:1d:30:78:d4:d1:6d:95:52:3b:15:51:91:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd70723d8b9ae254a2cf5263b53c09e42d861100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:71:1e:85:68:a4:e4:36:58:61:d3:f3:a2:91:
31:ca:14:1e:41:8e:37:32:61:1a:f7:d1:fe:fe:6a:
fc:d6:b4:f0:39:6a:c8:9d:e4:98:b9:58:56:31:5a:
5d:7a:47:a7:e8:45:33:31:90:28:41:c9:81:93:58:
b0:e7:16:1d:ba:d7:29:26:5f:7e:f7:f1:21:e4:eb:
e4:b6:3c:58:01:f9:bb:89:c1:c0:6e:b9:0c:e0:ed:
8a:77:18:32:1e:61:7a:6e:a4:97:a1:0a:2f:74:98:
aa:be:00:a6:31:4c:01:01:e2:e8:ca:6b:b7:80:73:
93:ce:ea:d2:55:9b:8e:8d:49:ff:03:d7:d6:99:0a:
53:8a:c9:4f:61:4f:35:09:4d:96:d5:d3:20:40:7b:
f5:95:1b:8d:45:5e:d6:50:a9:87:19:70:04:16:46:
a1:5f:1c:82:25:00:81:c4:91:43:9b:bd:87:e0:09:
77:fd:47:ff:b3:04:0d:56:9e:d6:4d:b0:f8:36:8b:
10:b9:e5:f4:ac:de:e6:ad:33:e0:af:72:16:17:bc:
d8:fe:6e:45:59:47:87:df:ae:01:e0:8c:70:9e:ed:
1e:c9:cf:18:8b:12:ad:a5:60:a4:48:02:99:a0:b1:
90:98:35:73:b6:b7:bc:24:f7:fe:58:e6:92:15:64:
2a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:70:72:3D:8B:9A:E2:54:A2:CF:52:63:B5:3C:09:E4:2D:86:11:00
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_XByPYua4lSiz1JjtTwJ5C2GEQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:efc0::/44
Signature Algorithm: sha256WithRSAEncryption
45:2e:b3:ce:9a:64:58:b6:58:d1:4b:6f:fa:ec:3c:3b:fa:9b:
a4:72:72:62:cf:d2:09:d2:01:41:98:30:ac:fc:bd:98:2b:af:
dc:7a:9b:03:3e:ac:34:a4:c1:c9:d8:d0:20:48:3e:5b:99:0d:
c9:85:ec:a2:7c:8e:f7:c4:94:23:82:9c:91:9b:2f:14:bd:d3:
c0:ee:b5:eb:58:43:52:36:81:a0:72:c3:f2:e8:2c:50:b4:11:
49:36:e8:6c:1d:03:c8:95:09:93:55:11:e9:0f:13:b4:6b:ca:
d6:17:80:ae:13:2c:d2:f5:c3:b7:4d:c2:fd:66:4d:5f:3e:bf:
cb:c0:46:7b:bc:e7:e8:a4:65:69:bf:7e:f0:6a:26:3c:b5:c2:
3a:c9:b4:3f:6b:c0:bc:28:20:2f:cf:24:9f:f2:05:c0:79:38:
da:bf:a4:2c:2a:9a:94:6f:38:8f:01:cb:7e:91:3b:12:61:a3:
84:a9:f5:c8:c4:bd:97:bc:6a:f5:95:70:82:6f:6e:5a:5e:b6:
b8:5a:e3:c6:af:51:8f:0d:43:df:f3:9e:b1:40:9b:38:57:be:
6a:60:1b:31:0f:e1:d1:bc:0f:1a:97:4a:2d:e7:37:c0:00:ec:
7a:f0:30:d3:98:a3:8d:bc:e8:0e:70:7b:e3:da:c0:6b:ca:fc:
2c:78:e8:4e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj13EdMHjU0W2VUjsVUZFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDcwNzIzZDhiOWFlMjU0YTJjZjUyNjNiNTNjMDllNDJkODYxMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3EehWik5DZYYdPzopExyhQeQY43
MmEa99H+/mr81rTwOWrIneSYuVhWMVpdeken6EUzMZAoQcmBk1iw5xYdutcpJl9+
9/Eh5OvktjxYAfm7icHAbrkM4O2KdxgyHmF6bqSXoQovdJiqvgCmMUwBAeLoymu3
gHOTzurSVZuOjUn/A9fWmQpTislPYU81CU2W1dMgQHv1lRuNRV7WUKmHGXAEFkah
XxyCJQCBxJFDm72H4Al3/Uf/swQNVp7WTbD4NosQueX0rN7mrTPgr3IWF7zY/m5F
WUeH364B4Ixwnu0eyc8YixKtpWCkSAKZoLGQmDVztre8JPf+WOaSFWQqZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP1wcj2LmuJUos9SY7U8CeQthhEAMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvX1hCeVBZdWE0bFNpejFKanRUd0o1QzJHRVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnhwe/A
MA0GCSqGSIb3DQEBCwUAA4IBAQBFLrPOmmRYtljRS2/67Dw7+pukcnJiz9IJ0gFB
mDCs/L2YK6/cepsDPqw0pMHJ2NAgSD5bmQ3JheyifI73xJQjgpyRmy8UvdPA7rXr
WENSNoGgcsPy6CxQtBFJNuhsHQPIlQmTVRHpDxO0a8rWF4CuEyzS9cO3TcL9Zk1f
Pr/LwEZ7vOfopGVpv37waiY8tcI6ybQ/a8C8KCAvzySf8gXAeTjav6QsKpqUbziP
Act+kTsSYaOEqfXIxL2XvGr1lXCCb25aXra4WuPGr1GPDUPf856xQJs4V75qYBsx
D+HRvA8al0ot5zfAAOx68DDTmKONvOgOcHvj2sBryvwseOhO
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:18 2025 by rpki-client